[Twisted-Python] Twisted Web sessions

Christopher Armstrong radix at twistedmatrix.com
Tue Dec 16 17:12:43 EST 2003


Michal Pasternak wrote:
> how do I protect from session-hijacking when using Twisted Web? Is it the
> same as with PHP -- or do you, Twisted guys, already think out of something?

AFAIK, the entirety of the built-in protection is that the session key 
is a long random number. Your best bet is SSL, I think.

-- 
  Twisted | Christopher Armstrong: International Man of Twistery
   Radix  |          Release Manager,  Twisted Project
---------+           http://radix.twistedmatrix.com/




More information about the Twisted-Python mailing list